Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/uSTmAGd3s6PIiJS7L9fCWnZp5zo.roa
File: uSTmAGd3s6PIiJS7L9fCWnZp5zo.roa (raw, json)
Hash identifier: 9qcben1NxiwJCjU91w/96P7stG+6sdHi/LPUMUAw9Ps=
Subject key identifier: B9:24:E6:00:67:77:B3:A3:C8:88:94:BB:2F:D7:C2:5A:76:69:E7:3A
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FC1B38A105B8507C790D5935768A0
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/uSTmAGd3s6PIiJS7L9fCWnZp5zo.roa
Signing time: Tue 02 Jan 2024 04:30:16 +0000
ROA not before: Tue 02 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 91.193.28.0/24 maxlen: 24
31.135.4.0/24 maxlen: 24
31.135.4.0/23 maxlen: 23
91.193.29.0/24 maxlen: 24
31.135.5.0/24 maxlen: 24
176.112.80.0/22 maxlen: 24
109.207.139.0/24 maxlen: 24
109.207.137.0/24 maxlen: 24
109.207.136.0/24 maxlen: 24
109.207.138.0/24 maxlen: 24
176.96.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:c1:b3:8a:10:5b:85:07:c7:90:d5:93:57:68:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b924e6006777b3a3c88894bb2fd7c25a7669e73a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0a:fa:53:1b:75:6d:f2:c2:37:d8:96:0d:f7:
76:69:55:e3:78:62:09:1e:a7:19:0e:b4:25:b7:22:
e4:cd:ed:bb:08:45:6c:d5:33:58:34:d9:c1:c0:03:
f1:51:2a:2c:39:64:5a:a7:5a:77:09:52:a6:cd:02:
a9:b9:53:3c:bd:4f:48:73:48:81:78:de:81:b8:3d:
b7:ca:cf:57:b4:b8:35:99:05:c3:87:2e:07:d4:66:
f7:28:53:87:a8:7a:53:41:7a:3a:a8:d3:e2:9f:73:
a8:5c:8c:52:0c:60:bf:3a:41:99:e3:2a:d1:48:de:
0c:9d:0b:51:b3:e8:6b:c6:b3:ad:5f:3a:56:83:36:
ff:04:de:61:32:cf:44:46:d5:4a:5e:d2:69:91:dc:
44:e1:e6:ca:23:75:d0:d6:f9:45:84:ca:0d:78:96:
b1:f9:89:bc:ee:af:5d:41:82:e7:ef:e3:7b:95:ed:
e4:c4:26:f7:7d:df:8f:b7:38:1c:41:d8:24:53:41:
c7:a7:2a:aa:b4:13:af:27:9d:29:a6:b0:7f:c9:30:
98:dc:f4:a4:31:00:71:e9:21:77:c8:93:7f:8f:73:
55:57:32:c6:48:82:69:aa:47:52:01:74:60:08:6b:
b1:e3:c7:c1:57:4a:68:84:e3:fb:58:04:5b:11:64:
42:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:24:E6:00:67:77:B3:A3:C8:88:94:BB:2F:D7:C2:5A:76:69:E7:3A
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/uSTmAGd3s6PIiJS7L9fCWnZp5zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.4.0/23
91.193.28.0/23
109.207.136.0/22
176.96.95.0/24
176.112.80.0/22
Signature Algorithm: sha256WithRSAEncryption
72:46:f9:0f:80:50:8f:5f:44:76:e8:0c:25:a2:9c:3c:42:ad:
01:a0:fe:93:fe:f5:92:10:10:01:49:c7:c2:f2:c4:b6:2e:4d:
bf:20:42:e3:bc:fb:11:24:40:d2:ec:6f:2c:7a:41:72:8c:0b:
10:66:b1:5f:95:1c:1d:3c:5c:b7:84:6d:d1:69:8a:22:3f:b3:
f6:32:ce:7d:d5:98:cc:41:5d:de:a0:d6:27:81:e1:bb:94:4b:
bc:83:fc:7a:1b:8a:50:81:0a:25:36:a7:cb:6f:b0:ff:13:34:
c6:3a:f1:e3:d0:84:60:93:db:bf:8a:1d:52:f2:a1:98:09:96:
af:ba:60:9c:ac:0f:26:17:ae:db:02:21:63:00:a6:b9:5d:2e:
3f:0b:3b:ce:74:58:d6:0d:0a:3d:15:1a:89:c6:a9:53:90:52:
f5:09:3d:b8:1b:d3:33:fb:d2:17:13:9e:37:5f:d9:a8:05:54:
84:36:69:26:d0:e8:82:0e:e6:5b:f5:c8:ff:39:5c:19:89:48:
2b:00:6b:37:e9:63:22:75:09:5a:e7:dd:e8:99:78:ca:63:29:
c8:0a:79:2f:a8:b0:c0:a0:31:5c:a6:cf:b5:ae:9a:ec:c2:7f:
86:c0:0c:6e:3f:1d:55:40:15:43:8b:ad:51:5e:62:4c:05:32:
a5:29:97:15
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIb8GzihBbhQfHkNWTV2igMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTI0ZTYwMDY3NzdiM2EzYzg4ODk0YmIyZmQ3YzI1YTc2NjllNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwr6Uxt1bfLCN9iWDfd2aVXjeGIJ
HqcZDrQltyLkze27CEVs1TNYNNnBwAPxUSosOWRap1p3CVKmzQKpuVM8vU9Ic0iB
eN6BuD23ys9XtLg1mQXDhy4H1Gb3KFOHqHpTQXo6qNPin3OoXIxSDGC/OkGZ4yrR
SN4MnQtRs+hrxrOtXzpWgzb/BN5hMs9ERtVKXtJpkdxE4ebKI3XQ1vlFhMoNeJax
+Ym87q9dQYLn7+N7le3kxCb3fd+PtzgcQdgkU0HHpyqqtBOvJ50pprB/yTCY3PSk
MQBx6SF3yJN/j3NVVzLGSIJpqkdSAXRgCGux48fBV0pohOP7WARbEWRCkwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLkk5gBnd7OjyIiUuy/Xwlp2aec6MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvdVNUbUFHZDNzNlBJaUpTN0w5ZkNXblpwNXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBH4cEAwQB
W8EcAwQCbc+IAwQAsGBfAwQCsHBQMA0GCSqGSIb3DQEBCwUAA4IBAQByRvkPgFCP
X0R26Awlopw8Qq0BoP6T/vWSEBABScfC8sS2Lk2/IELjvPsRJEDS7G8sekFyjAsQ
ZrFflRwdPFy3hG3RaYoiP7P2Ms591ZjMQV3eoNYngeG7lEu8g/x6G4pQgQolNqfL
b7D/EzTGOvHj0IRgk9u/ih1S8qGYCZavumCcrA8mF67bAiFjAKa5XS4/CzvOdFjW
DQo9FRqJxqlTkFL1CT24G9Mz+9IXE543X9moBVSENmkm0OiCDuZb9cj/OVwZiUgr
AGs36WMidQla593omXjKYynICnkvqLDAoDFcps+1rprswn+GwAxuPx1VQBVDi61R
XmJMBTKlKZcV
-----END CERTIFICATE-----
Generated at Fri May 24 01:25:53 2024 by rpki-client on console-ams.rpki-client.org